CCPA Compliant? Do you know if you are CCPA Compliant or not? Do you know how to get compliant in a few easy steps? If you are using Google Analytics, you need to know what this is and how to follow the guidelines.
CCPA means “California Consumers Privacy. ” It is a cookie law passed by the state of California; it is intended to protect user’s and consumer’s privacy. The law went into effect on January 1, 2020, and it’s enforceable from July 1, 2020.
Let’s cover a few basics.
CCPA affects your website if you collect and process data of California residents and exceed at least one of the following thresholds:
- Annual gross revenues of at least $25 million
- Obtains personal information of at least 50,000 California residents, households, and /or devices per year
- At least 50% of your annual revenue is generated from the sales of California residents’ data
Anyone can visit your website, including California consumers. Therefore, if you exceed or may soon exceed any of the thresholds listed above and you use any type of tracking tool, it is better to be CCPA compliant.
- What kind of information you collect and process
- Why do you collect and process information
- How do you collect and process information
- The methods to request access, change, move, or deletion of their personal data
- The method for verifying the identity of the person who submits a request
- Sales of users’ personal data and how they can opt-out of the selling of their data
This will ensure you are CCPA compliant.
GOOGLE ANALYTICS AND CCPA COMPLIANCE
Google Analytics is a tool used for understanding how people interact with your website. But it works by assigning your visitors an UserID and records personal data like IP addresses, gender, age, device, and other personal informations.
It means that it falls under CCPA’s explanation of the consumer’s personal information. Therefore it is essential to take care of this aspect if you are using Google Analytics.
Is there a simple way to get CCPA compliant with Google Analytics? You could use a plugin that is already set-up to comply with CCPA.
Chances are you may already be using MonsterInsights to track analytics for WordPress. If you are not, then you can start using it now.
CCPA COMPLIANCE WITH MONSTERINSIGHTS
MonsterInsights is the best WordPress plugin for Google Analytics. You can easily comply with the needs of the new law by installing the plugin and its EU Compliance add-on.
Remember you need at least the Plus Plan.
The EU Compliance add-on allows you to automate different processes to meet CCPA. You could:
- Anonymize user’s IP address Google Analytics hits
- Disable UserID tracking on Google Analytics
- Disable demographics and interest reports for advertising (Google Ads) and remarketing tracking in Google Analytics
- Automatically disable author tracking Google Analytics and custom dimensions addon
- Enable ga() compatibility mode
- Allow AMP addon users to agree with the Google AMP consent box before tracking their data
- Easy integration with CookieBot and Cookie Notice WordPress plugins
ACTIVATE EU COMPLIANCE ADD-ON
To access the add-on, go to Insights » Add-ons » EU Compliance. Then install and activate the add-on.
Once the add-on is activated, go to Insights » Settings » Engagement and scroll down to EU Compliance. Here you can change the settings and disable different tracking features in Google Analytics to comply with CCPA.
CREATE AN OPT OUT CONSENT BOX
Now you have to create an opt-out consent box to comply with CCPA since one of the rights, per this law, is to be able to opt-out from websites sharing data with a third party.
Those are tools that take into account CCPA and other legal requirements for everything you may be using on a website.
You may read:
The definition of ‘personal data’ under the CCPPA explicitly states that it is any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
Personal information may include but is not limited to name, email address, biometric data, IP address, Internet of Things information, geolocation data, professional or employment information, and other information.
In conclusion, if you are using Google Analytics, and you should, all that you need to do is be sure to be following the required regulations.